From d9a68bee40f26e20d0e0aa960c66f3db95951dc3 Mon Sep 17 00:00:00 2001
From: Johann Behr <j.behr@avm.de>
Date: Thu, 9 Feb 2023 11:45:14 +0100
Subject: [PATCH 1/2] Add 6443/TCP to webhook egress NetworkPolicy

Signed-off-by: Johann Behr <j.behr@avm.de>
---
 deploy/charts/cert-manager/values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/deploy/charts/cert-manager/values.yaml b/deploy/charts/cert-manager/values.yaml
index 64b0b8d9d..459567725 100644
--- a/deploy/charts/cert-manager/values.yaml
+++ b/deploy/charts/cert-manager/values.yaml
@@ -420,6 +420,8 @@ webhook:
         protocol: TCP
       - port: 53
         protocol: UDP
+      - port: 6443
+        protocol: TCP
       to:
       - ipBlock:
           cidr: 0.0.0.0/0

From ea5c7b3bfd5aba6a0f5a302f51e840d66db57ee5 Mon Sep 17 00:00:00 2001
From: Johann Behr <24767736+ExNG@users.noreply.github.com>
Date: Fri, 10 Feb 2023 14:43:06 +0100
Subject: [PATCH 2/2] Update deploy/charts/cert-manager/values.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Maël Valais <mael@vls.dev>
Signed-off-by: Johann Behr <24767736+ExNG@users.noreply.github.com>
---
 deploy/charts/cert-manager/values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/deploy/charts/cert-manager/values.yaml b/deploy/charts/cert-manager/values.yaml
index 459567725..01169b7c2 100644
--- a/deploy/charts/cert-manager/values.yaml
+++ b/deploy/charts/cert-manager/values.yaml
@@ -420,6 +420,8 @@ webhook:
         protocol: TCP
       - port: 53
         protocol: UDP
+      # On OpenShift and OKD, the Kubernetes API server listens on
+      # port 6443.
       - port: 6443
         protocol: TCP
       to: